Amazon

Monday 16 March 2015

JamesKernohanandSons Invoice

JamesKernohanandSons Invoice being spammed.

These emails aren't from these companies at all , they are just being used to make the email look more genuine, ie. from a real company.
Note
It's also worth remembering that the company itself  may not have any knowledge of this email and it's link(s) or attachment as it won't have come from their servers and IT systems but from an external bot net.

It's not advised to ring them as there won't really be anything they can do to help you.

Message Header::

From: JamesKernohanandSons {jkernohans49993@hotmail.com}
Subject: CREDIT 89371
Message Body:
Your report is attached in PDF format.

To load the report, you will need the free Adobe® Acrobat® reader, available to download at http://www.adobe.com/
James Kernohan & Sons Ltd
18A Tamlough Road
Randalstown
BT41 3DP

028 9447 9157
 Attachment:
Invoice 89371.zip
Inside the Zip file is a Windows Executable
Invoice_89371.pdf.exe


Sha256 Hashes:
Corrupted Zip

Malware Macro document information:
Corrupted Zip


Cheers,
Steve

No comments: